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CLAIMS 

We claim: 

1 . A method comprising the steps of: 
5 (a) receiving a request for a certificate related action for a user; and 

(b) retrieving a workflow for responding to said request from a set of 
workflows, wherein said workflow corresponds to said certificate related action and a set 
of characteristics for said user. 

10 2. The method of claim 1, wherein said set of workflows includes a plurality 

of workflows for responding to said certificate related action and wherein each workflow 
in said plurality of workflows corresponds to a different set of characteristics for a user. 

3. The method of claim 2, wherein a first workflow in said plurality of 
15 workflows contains a first set of directives and a second workflow in said plurality of 

workflows contains a second set of directives, wherein said first set of directives is 
different from said second set of directives. 

4. The method of claim 3, wherein said certificate related action is a 
20 certificate enrollment action, wherein said first workflow in said plurality of workflows 

calls for obtaining an approval before issuing a certificate and wherein said second 
workflow in said plurality of workflows does not call for obtaining an approval before 
issuing a certificate. 

25 5. The method of claim 3, wherein said certificate related action is a 

certificate renewal action, wherein said first workflow in said plurality of workflows calls 
for retrieving an approval before renewing a certificate and wherein said second 
workflow in said plurality of workflows does not call for retrieving an approval before 
renewing a certificate. 

30 
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6. The method of claim 3, wherein said certificate related action is a 
certificate revocation action. 

7. The method of claim 3, further including the step of: 

(c) receiving said plurality of workflows . 

8. The method of claim 1, wherein said method further includes the step of: 

(d) performing said workflow, wherein said step (d) includes the steps of: 

(1) retrieving an approval response; and 

(2) obtaining a certificate. 

9. The method of claim 8, further including the steps of: 

(e) receiving a second request for a second certificate related action for a 
second user; 

(f) retrieving a second workflow for responding to said second request from 
said set of workflows, wherein said second workflow corresponds to said second 
certificate related action and a set of characteristics for said second user; and 

(g) performing said second workflow, wherein said step (g) includes the step 

of: 

(1) obtaining a second certificate without retrieving an approval 
response. 

10. The method of claim 9, wherein said certificate related action is a 
certificate enrollment action and said second certificate related action is a certificate 
enrollment action. 

11. The method of claim 9, wherein said certificate related action is a 
certificate renewal action and said second certificate related action is a certificate renewal 
action. 

12. The method of claim 1 , further including the step of: 
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(h) performing said workflow, wherein said certificate related action is a 
certificate enrollment action and wherein said step (h) includes the step of: 

(1) obtaining a certificate, wherein said step (h)(1) includes the steps 

of: 

(i) authenticating said user; 

(ii) forwarding said request to a Certificate Processing Server; 

(iii) receiving said certificate; and 

(iv) storing said certificate. 

13 . The method of claim I, further including the step of: 

(j) performing said workflow, wherein said certificate related action is a 
certificate renewal action and wherein said step (j) includes the step of: 

(1) obtaining a certificate renewal, wherein said step (j)(l) includes the 
steps of: 

(i) authenticating said user; 

(ii) forwarding said request to a Certificate Processing Server; 

and 

(iii) receiving a certificate renewal acknowledgement. 

14. The method of claim 1, further including the step of: 

(k) performing said workflow, wherein said certificate related action is a 
certificate revocation action and wherein said step (k) includes the step of: 

(1) revoking a certificate, wherein said step (k)(l) includes the steps 

of: 

(i) authenticating said user; and 

(ii) forwarding said request to a Certificate Processing Server. 

15. The method of claim 1 , wherein said steps (a) and (b) are performed by an 
Identity System in communication with an Access System. 
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16. One or more processor readable storage devices having processor readable 
code embodied on said processor readable storage devices, said processor readable code 
for programming one or more processors to perform a method comprising the steps of: 

(a) receiving a request for a certificate related action for a user; and 

(b) retrieving a workflow for responding to said request from a set of 
workflows, wherein said workflow corresponds to said certificate related action and a set 
of characteristics for said user. 

17. One or more processor readable storage devices according to claim 16, 
wherein said set of workflows includes a plurality of workflows for responding to said 
certificate related action and wherein each workflow in said plurality of workflows 
corresponds to a different set of characteristics for a user. 

18. One or more processor readable storage device according to claim 17, 
wherein a first workflow in said plurality of workflows contains a first set of directives 
and a second workflow in said plurality of workflows contains a second set of directives, 
wherein said first set of directives is different from said second set of directives. 

19. One or more processor readable storage devices according to claim 18, 
wherein said certificate related action is a certificate enrollment action, wherein said first 
workflow in said plurality of workflows calls for obtaining an approval before issuing a 
certificate and wherein said second workflow in said plurality of workflows does not call 
for obtaining an approval before issuing a certificate. 

20. One or more processor readable storage devices according to claim 18, 
wherein said method further includes the step of: 

(c) receiving said plurality of workflows. 

21. One or more processor readable storage devices according to claim 16, 
wherein said method further includes the steps of: 

(d) performing said workflow, wherein said step (d) includes the steps of: 
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(1) retrieving an approval response; and 

(2) obtaining a certificate; 

(e) receiving a second request for a second certificate related action for a 
second user; 

5 (f) retrieving a second workflow for responding to said second request from 

said set of workflows, wherein said second workflow corresponds to said second 
certificate related action and a set of characteristics for said second user; and 

(g) performing said second workflow, wherein said step (g) includes the step 

of: 

10 (1) obtaining a second certificate without retrieving an approval 

response. 



22. One or more processor readable storage devices according to claim 21, 
wherein said certificate related action is a certificate enrollment action and said second 
15 certificate related action is a certificate enrollment action. 



23. One or more processor readable storage devices according to claim 16, 
wherein said method further includes the step of: 

(h) performing said workflow, wherein said certificate related action is a 
20 certificate enrollment action and wherein said step (h) includes the step of: 

(1) obtaining a certificate, wherein said step (h)(1) includes the steps 

of: 

(i) authenticating said user; 

(ii) forwarding said request to a Certificate Processing Server; 
25 (iii) receiving said certificate; and 

(iv) storing said certificate. 



24. One or more processor readable storage devices according to claim 16, 
wherein said method further includes the step of: 
30 (j) performing said workflow, wherein said certificate related action is a 

certificate renewal action and wherein said step (j) includes the step of: 
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(1) obtaining a certificate, wherein said step includes the steps 

of: 

(i) authenticating said user; 

(ii) forwarding said request to a Certificate Processing Server; 

and 

(iii) receiving a certificate renewal acknowledgement. 

25. One or more processor readable storage devices according to claim 16, 
wherein said method further includes the step of: 

(k) performing said workflow, wherein said certificate related action is a 
certificate revocation action and wherein said step (k) includes the step of: 

(1) revoking a certificate, wherein said step (k)(l) includes the steps 

of: 

(i) authenticating said user; and 

(ii) forwarding said request to a Certificate Processing Server. 

26. One or more processor readable storage devices according to claim 16, 
wherein said steps (a) and (b) are performed by an Identity System in communication 
with an Access System. 

27. An apparatus comprising: 

one or more communications interfaces; 
one or more storage devices; and 

one or more processors in communication with said one or more storage devices 
and said one or more communication interfaces, said one or more processors perform a 
method comprising the steps of: 

(a) receiving a request for a certificate related action for a user; and 

(b) retrieving a workflow for responding to said request from a set of 
workflows, wherein said workflow corresponds to said certificate related action and a set 
of characteristics for said user. 
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28. The apparatus of claim 27, wherein said set of workflows includes a 
plurality of workflows for responding to said certificate related action and wherein each 
workflow in said plurality of workflows corresponds to a different set of characteristics 
for a user. 

29. The apparatus of claim 28, wherein a first workflow in said plurality of 
workflows contains a first set of directives and a second workflow in said plurality of 
workflows contains a second set of directives, wherein said first set of directives is 
different from said second set of directives. 

30. The apparatus of claim 29, wherein said certificate related action is a 
certificate enrollment action, wherein said first workflow in said plurality of workflows 
calls for obtaining an approval before issuing a certificate and wherein said second 
workflow in said plurality of workflows does not call for obtaining an approval before 
issuing a certificate. 

31. The apparatus of claim 29, wherein said method further includes the step 

of: 

(c) receiving said plurality of workflows. 



32. The apparatus of claim 27, wherein said method further includes the steps 

of: 

(d) performing said workflow, wherein said step (d) includes the steps of: 

(1) retrieving an approval response; and 

(2) obtaining a certificate; 

(e) receiving a second request for a second certificate related action for a 
second user; 

(f) retrieving a second workflow for responding to said second request from 
said set of workflows, wherein said second workflow corresponds to said second 
certificate related action and a set of characteristics for said second user; and 
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(g) performing said second workflow, wherein said step (g) includes the step 

of: 

(1) obtaining a second certificate without retrieving an approval 
response. 

33. The apparatus of claim 32, wherein said certificate related action is a 
certificate enrollment action and said second certificate related action is a certificate 
enrollment action. 

34. The apparatus of claim 27, wherein said method further includes the step 

of: 

(h) performing said workflow, wherein said certificate related action is a 
certificate enrollment action and wherein said step (h) includes the step of: 

(1) obtaining a certificate, wherein said step (h)(1) includes the steps 

of: 

(i) authenticating said user; 

(ii) forwarding said request to a Certificate Processing Server; 

(iii) receiving said certificate; and 

(iv) storing said certificate. 

35. The apparatus of claim 27, wherein said method further includes the step 

of: 

(j) performing said workflow, wherein said certificate related action is a 
certificate renewal action and wherein said step (j) includes the step of: 

(1) obtaining a certificate, wherein said step (j)(l) includes the steps 

of: 

(i) authenticating said user; 

(ii) forwarding said request to a Certificate Processing Server; 

and 

(iii) receiving a certificate renewal acknowledgement. 
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36. The apparatus of claim 27, wherein said method further includes the step 

of: 

(k) performing said workflow, wherein said certificate related action is a 
certificate revocation action and wherein said step (k) includes the step of: 
5 (1) revoking a certificate, wherein said step (k)(l) includes the steps 

of: 

(i) authenticating said user; and 

(ii) forwarding said request to a Certificate Processing Server. 

10 37. The apparatus of claim 27, wherein said steps (a) and (b) are performed by 

an Identity System in communication with an Access System. 

38. A method comprising the steps of: 

(a) receiving a request for a certificate related action for a user; and 
15 (b) retrieving a workflow for responding to said request from a set of 

workflows, 

wherein said workflow corresponds to said certificate related action and a 
set of characteristics for said user, 

wherein said s.et of workflows includes a plurality of workflows for 
responding to said certificate related action, and 

wherein each workflow in said plurality of workflows corresponds to a 
different set of characteristics for a user. 

39. The method of claim 38, further including the step of: 

(c) receiving said plurality of workflows. 

40. The method of claim 38, wherein said method further includes the steps 

(d) performing said workflow, wherein said step (d) includes the steps of: 

(1) retrieving an approval response; and 

(2) obtaining a certificate; 
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(e) receiving a second request for a second certificate related action for a 
second user; 

(f) retrieving a second workflow for responding to said second request from 
said set of workflows, wherein said second workflow corresponds to said second 
certificate related action and a set of characteristics for said second user; and 

(g) performing said second workflow, wherein said step (g) includes the step 

of: 

(1) obtaining a second certificate without retrieving an approval 
response. 

41. The method of claim 40, wherein said certificate related action and said 
second certificate related action call for the same certificate related action. 

42. The method of claim 40, wherein said steps (a), (b), (d), (e), (f), and (g) 
are performed by an Identity System in communication with an Access System. 

43 . One or more processor readable storage devices having processor readable 
code embodied on said processor readable storage devices, said processor readable code 
for programming one or more processors to perform a method comprising the steps of: 

(a) receiving a request for a certificate related action for a user; and 

(b) retrieving a workflow for responding to said request from a set of 
workflows, 

wherein said workflow corresponds to said certificate related action and a 
set of characteristics for said user, 

wherein said set of workflows includes a plurality of workflows for 
responding to said certificate related action, and 

wherein each workflow in said plurality of workflows corresponds to a 
different set of characteristics for a user. 

44. One or more processor readable storage devices according to claim 43, 
wherein said method further includes the step of: 
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(c) receiving said plurality of workflows. 

45. One or more processor readable storage devices according to claim 43, 
wherein said method further includes the steps of: 

(d) performing said workflow, wherein said step (d) includes the steps of: 

(1) retrieving an approval response; and 

(2) obtaining a certificate; 

(e) receiving a second request for a second certificate related action for a 
second user; 

(f) retrieving a second workflow for responding to said second request from 
said set of workflows, wherein said second workflow corresponds to said second 
certificate related action and a set of characteristics for said second user; and 

(g) performing said second workflow, wherein said step (g) includes the step 

of: 

(1) obtaining a second certificate without retrieving an approval 
response. 

46. One or more processor readable storage devices according to claim 45, 
wherein said certificate related action and said second certificate related action call for 
the same certificate related action. 

47. One or more processor readable storage devices according to claim 45, 
wherein said steps (a), (b), (d), (e), (f), and (g) are performed by an Identity System in 
communication with an Access System. 

48. An apparatus comprising: 

one or more communications interfaces; 
one or more storage devices; and 

one or more processors in communication with said one or more storage devices 
and said one or more communication interfaces, said one or more processors perform a 
method comprising the steps of: 
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(a) receiving a request for a certificate related action for a user; and 

(b) retrieving a workflow for responding to said request from a set of 
workflows, 

wherein said workflow corresponds to said certificate related action and a 
set of characteristics for said user, 

wherein said set of workflows includes a plurality of workflows for 
responding to said certificate related action, and 

wherein each workflow in said plurality of workflows corresponds to a 
different set of characteristics for a user. 

49. The apparatus of claim 48, wherein said method further includes the step 

of: 

(c) receiving said plurality of workflows. 



50. The apparatus of claim 48, wherein said method further includes the steps 

of: 

(d) performing said workflow, wherein said step (d) includes the steps of: 

(1) retrieving an approval response; and 

(2) obtaining a certificate; 

(e) receiving a second request for a second certificate related action for a 
second user; 

(f) retrieving a second workflow for responding to said second request from 
said set of workflows, wherein said second workflow corresponds to said second 
certificate related action and a set of characteristics for said second user; and 

(g) performing said second workflow, wherein said step (g) includes the step 

of: 

(1) obtaining a second certificate without retrieving an approval 
response. 

51 . The apparatus of claim 50, wherein said certificate related action and said 
second certificate related action call for the same certificate related action. 
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52. The apparatus of claim 50, wherein said steps (a), (b), (d), (e), (f), and (g) 
are performed by an Identity System in communication with an Access System. 
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